Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Gepi (administrator) on PC-DE-GEPI on 20-09-2014 13:07:19
Running from C:\Users\Gepi\Desktop
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 7
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway PowerSave Solution\ePowerSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway PowerSave Solution\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway PowerSave Solution\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [492600 2008-11-05] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1684264 2009-02-06] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Gateway\Gateway PowerSave Solution\ePowerTrayLauncher.exe [437280 2009-04-07] (Acer Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1552497 2009-04-02] (Suyin)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [866824 2009-02-18] (Dritek System Inc.)
HKLM-x32\...\Run: [RemoteControl8] => c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2008-10-17] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2007-12-14] ()
HKLM-x32\...\Run: [CLMLServer] => c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe [232192 2009-03-10] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-02] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0c0c&s=2&o=vp64&d=0913&m=nv58_series
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0c0c&s=2&o=vp64&d=0913&m=nv58_series
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Gepi\AppData\Roaming\Mozilla\Firefox\Profiles\6h8pit0n.default
FF SearchEngineOrder.1: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Gepi\AppData\Roaming\Mozilla\Firefox\Profiles\6h8pit0n.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-09-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-02]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]
CHR Extension: (YouTube) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]
CHR Extension: (Google Search) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]
CHR Extension: (avast! Online Security) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-03]
CHR Extension: (Google Wallet) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]
CHR Extension: (Gmail) - C:\Users\Gepi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-02] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Gateway\Gateway PowerSave Solution\ePowerSvc.exe [794144 2009-04-07] (Acer Incorporated)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199272 2012-03-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-09-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-02] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-09-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-02] ()
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-09-24] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-09-24] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519192 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-09-24] (McAfee, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 13:07 - 2014-09-20 13:08 - 00016612 _____ () C:\Users\Gepi\Desktop\FRST.txt
2014-09-20 13:07 - 2014-09-20 13:07 - 00000000 ____D () C:\FRST
2014-09-20 13:06 - 2014-09-20 13:06 - 02105856 _____ (Farbar) C:\Users\Gepi\Desktop\FRST64.exe
2014-09-20 13:03 - 2014-09-20 13:03 - 00000000 ___RD () C:\Users\Gepi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-09-19 22:05 - 2014-09-19 22:05 - 00000000 ____D () C:\Program Files (x86)\SEAF
2014-09-19 16:31 - 2014-09-19 16:31 - 01498112 _____ () C:\Users\Gepi\Desktop\Guide rapport de labo.ppt
2014-09-19 16:31 - 2014-09-19 16:31 - 01191111 _____ () C:\Users\Gepi\Desktop\Guide rapport de labo.pptx
2014-09-18 20:48 - 2014-09-18 20:48 - 00000000 ____D () C:\Users\Gepi\Documents\regsearch
2014-09-15 21:20 - 2014-09-15 21:20 - 00681295 _____ () C:\Users\Gepi\Documents\Catalog-1.ppsm
2014-09-14 20:31 - 2014-09-14 20:32 - 00498868 _____ (C_XX) C:\Users\Gepi\Desktop\seaf.exe
2014-09-12 20:38 - 2014-09-13 09:00 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-09-12 20:34 - 2014-09-13 09:01 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\ZHP
2014-09-12 20:34 - 2014-09-12 20:34 - 00001784 _____ () C:\Users\Gepi\Desktop\ZHPFix.lnk
2014-09-12 20:34 - 2014-09-12 20:34 - 00001661 _____ () C:\Users\Gepi\Desktop\ZHPDiag.lnk
2014-09-12 20:34 - 2014-09-12 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-09-12 20:34 - 2014-09-12 20:34 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-09-12 20:33 - 2014-09-12 20:33 - 06858810 _____ (Nicolas Coolman ) C:\Users\Gepi\Desktop\ZHPDiag2.exe
2014-09-11 19:48 - 2014-09-11 19:49 - 00000000 ____D () C:\df1c8e2cd91aeaec139eba337a9cb9b4
2014-09-04 15:29 - 2014-09-13 11:53 - 00000802 _____ () C:\Windows\PFRO.log
2014-09-03 17:44 - 2014-09-03 17:44 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-03 17:44 - 2014-09-03 17:44 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\DropboxMaster
2014-09-03 17:39 - 2014-09-03 17:44 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\Dropbox
2014-09-03 17:39 - 2014-09-03 17:39 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\AVAST Software
2014-09-02 07:43 - 2014-09-02 07:43 - 00001791 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-02 07:43 - 2014-09-02 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-02 07:42 - 2014-09-20 08:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-02 07:40 - 2014-09-02 07:42 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-02 07:40 - 2014-09-02 07:39 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-02 07:40 - 2014-09-02 07:39 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-02 07:40 - 2014-09-02 07:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-02 07:40 - 2014-09-02 07:39 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-09-02 07:39 - 2014-09-02 07:39 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-02 07:39 - 2014-09-02 07:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-02 07:39 - 2014-09-02 07:39 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-09-02 07:39 - 2014-09-02 07:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-02 07:39 - 2014-09-02 07:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-02 07:33 - 2014-09-02 07:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-02 06:47 - 2014-09-02 06:48 - 04862664 _____ (AVAST Software) C:\Users\Gepi\Desktop\avast_free_antivirus_setup_online(1).exe
2014-09-02 06:46 - 2014-09-02 07:28 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-01 22:42 - 2014-09-01 22:42 - 00000000 ____D () C:\sh4ldr
2014-09-01 22:42 - 2014-09-01 22:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:42 - 2014-09-01 22:42 - 00000000 _____ () C:\autoexec.bat
2014-09-01 00:06 - 2014-09-01 00:06 - 00000000 _____ () C:\Users\Gepi\Desktop\3++rk9rH.htm
2014-09-01 00:04 - 2014-09-01 00:04 - 00000000 ____D () C:\Users\Gepi\Desktop\Nouveau dossier (3)
2014-08-31 23:48 - 2014-08-31 23:48 - 00000000 _____ () C:\Users\Gepi\Desktop\lmAl3Tj2.htm

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 13:08 - 2014-09-20 13:07 - 00016612 _____ () C:\Users\Gepi\Desktop\FRST.txt
2014-09-20 13:07 - 2014-09-20 13:07 - 00000000 ____D () C:\FRST
2014-09-20 13:06 - 2014-09-20 13:06 - 02105856 _____ (Farbar) C:\Users\Gepi\Desktop\FRST64.exe
2014-09-20 13:06 - 2014-04-18 11:50 - 01865401 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 13:03 - 2014-09-20 13:03 - 00000000 ___RD () C:\Users\Gepi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-09-20 13:02 - 2014-02-03 13:07 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-20 13:02 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 13:02 - 2006-11-02 11:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 13:02 - 2006-11-02 11:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 10:10 - 2013-10-12 09:21 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-20 09:50 - 2014-02-03 13:07 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 08:54 - 2014-09-02 07:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-19 22:05 - 2014-09-19 22:05 - 00000000 ____D () C:\Program Files (x86)\SEAF
2014-09-19 21:58 - 2013-10-07 18:37 - 00016234 _____ () C:\Users\Gepi\AppData\Roaming\wklnhst.dat
2014-09-19 16:31 - 2014-09-19 16:31 - 01498112 _____ () C:\Users\Gepi\Desktop\Guide rapport de labo.ppt
2014-09-19 16:31 - 2014-09-19 16:31 - 01191111 _____ () C:\Users\Gepi\Desktop\Guide rapport de labo.pptx
2014-09-18 21:59 - 2014-02-03 13:34 - 00005928 _____ () C:\Windows\system32\spsys.log
2014-09-18 20:48 - 2014-09-18 20:48 - 00000000 ____D () C:\Users\Gepi\Documents\regsearch
2014-09-15 21:20 - 2014-09-15 21:20 - 00681295 _____ () C:\Users\Gepi\Documents\Catalog-1.ppsm
2014-09-14 20:32 - 2014-09-14 20:31 - 00498868 _____ (C_XX) C:\Users\Gepi\Desktop\seaf.exe
2014-09-13 11:53 - 2014-09-04 15:29 - 00000802 _____ () C:\Windows\PFRO.log
2014-09-13 09:01 - 2014-09-12 20:34 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\ZHP
2014-09-13 09:00 - 2014-09-12 20:38 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-09-12 20:34 - 2014-09-12 20:34 - 00001784 _____ () C:\Users\Gepi\Desktop\ZHPFix.lnk
2014-09-12 20:34 - 2014-09-12 20:34 - 00001661 _____ () C:\Users\Gepi\Desktop\ZHPDiag.lnk
2014-09-12 20:34 - 2014-09-12 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-09-12 20:34 - 2014-09-12 20:34 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-09-12 20:33 - 2014-09-12 20:33 - 06858810 _____ (Nicolas Coolman ) C:\Users\Gepi\Desktop\ZHPDiag2.exe
2014-09-11 21:12 - 2013-10-12 09:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 21:12 - 2013-10-12 09:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 21:12 - 2013-10-12 09:21 - 00003856 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 19:49 - 2014-09-11 19:48 - 00000000 ____D () C:\df1c8e2cd91aeaec139eba337a9cb9b4
2014-09-11 19:49 - 2013-09-18 16:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 19:49 - 2006-11-02 08:35 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-11 19:36 - 2006-11-02 11:42 - 00032516 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-04 15:29 - 2013-09-18 12:08 - 00000000 ____D () C:\Users\Gepi
2014-09-03 17:44 - 2014-09-03 17:44 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-03 17:44 - 2014-09-03 17:44 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\DropboxMaster
2014-09-03 17:44 - 2014-09-03 17:39 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\Dropbox
2014-09-03 17:39 - 2014-09-03 17:39 - 00000000 ____D () C:\Users\Gepi\AppData\Roaming\AVAST Software
2014-09-02 07:43 - 2014-09-02 07:43 - 00001791 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-02 07:43 - 2014-09-02 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-02 07:42 - 2014-09-02 07:40 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-02 07:39 - 2014-09-02 07:40 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-02 07:39 - 2014-09-02 07:40 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-02 07:39 - 2014-09-02 07:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-02 07:39 - 2014-09-02 07:40 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-09-02 07:39 - 2014-09-02 07:39 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-02 07:39 - 2014-09-02 07:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-02 07:39 - 2014-09-02 07:39 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-09-02 07:39 - 2014-09-02 07:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-02 07:39 - 2014-09-02 07:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-02 07:36 - 2014-08-19 10:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-09-02 07:33 - 2014-09-02 07:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-02 07:33 - 2014-02-03 12:09 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-02 07:32 - 2014-03-20 20:36 - 00000000 ____D () C:\Windows\Minidump
2014-09-02 07:28 - 2014-09-02 06:46 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-02 06:48 - 2014-09-02 06:47 - 04862664 _____ (AVAST Software) C:\Users\Gepi\Desktop\avast_free_antivirus_setup_online(1).exe
2014-09-01 22:42 - 2014-09-01 22:42 - 00000000 ____D () C:\sh4ldr
2014-09-01 22:42 - 2014-09-01 22:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:42 - 2014-09-01 22:42 - 00000000 _____ () C:\autoexec.bat
2014-09-01 00:06 - 2014-09-01 00:06 - 00000000 _____ () C:\Users\Gepi\Desktop\3++rk9rH.htm
2014-09-01 00:04 - 2014-09-01 00:04 - 00000000 ____D () C:\Users\Gepi\Desktop\Nouveau dossier (3)
2014-08-31 23:48 - 2014-08-31 23:48 - 00000000 _____ () C:\Users\Gepi\Desktop\lmAl3Tj2.htm
2014-08-25 06:53 - 2013-09-18 13:04 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-20 13:10

==================== End Of Log ============================
